SharePoint Security Helper Class

To avoid re-coding the same SharePoint security operations several times over, you might find the class below useful.

Some things to note. There are a lot of literal calls in the code, and it’s on purpose. For instance, instead of passing a specific SPWeb object as a parameter, a string value to represent the URL is instead used to hydrate the primary SPWeb.

This code can easily be adjusted: you could create a global SPWeb object (which would help trim the methods), you could switch the entire class so that it is tailored towards the current context, etc. Keeping it in this form preserves better medium independence, since it makes client development easier.
[csharp]
#region Imports
using System.Collections.Generic;
using Microsoft.SharePoint;
#endregion
namespace Example
{
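/// <summary>
/// Static helpers for common SharePoint permission operations: creating groups,
/// binding role definitions, toggling anonymous access, breaking or resetting
/// role inheritance, and adding users.
/// </summary>
/// <remarks>
/// Every method that takes a URL opens its own <see cref="SPSite"/> and
/// <see cref="SPWeb"/> and disposes both before returning. The two methods that
/// hand an object back to the caller (<see cref="ReturnSPWeb"/> and
/// <see cref="GetList"/>) transfer ownership instead; see their remarks.
/// All of these calls change who can do what on a site, so they belong behind
/// an authorization check in the calling code and should be logged there.
/// </remarks>
public class SharePointSecurityHelpers
{
    #region Helper Methods
    /// <summary>
    /// Opens the web addressed by <paramref name="url"/> and returns it still open.
    /// </summary>
    /// <param name="url">Absolute URL of the site or web to open.</param>
    /// <returns>An open <see cref="SPWeb"/> that the caller owns.</returns>
    /// <remarks>
    /// The web is deliberately not wrapped in a <c>using</c> block: returning it
    /// from inside one would dispose it (and its parent site) before the caller
    /// could touch it. The caller must dispose both the returned web and its
    /// <c>Site</c> when finished, otherwise the underlying request objects leak.
    /// </remarks>
    public static SPWeb ReturnSPWeb(string url)
    {
        var site = new SPSite(url);
        try
        {
            return site.OpenWeb();
        }
        catch
        {
            // OpenWeb failed, so no web will ever reach the caller; release the site here.
            site.Dispose();
            throw;
        }
    }

    /// <summary>
    /// Looks up a list by title on the web addressed by <paramref name="url"/>.
    /// </summary>
    /// <param name="url">Absolute URL of the web that holds the list.</param>
    /// <param name="list">Name used to index the web's list collection.</param>
    /// <returns>The list, or <c>null</c> when the web or the list could not be opened.</returns>
    /// <remarks>
    /// On success the web stays open because the returned list depends on it; the
    /// caller is responsible for disposing <c>ParentWeb</c> and its <c>Site</c>.
    /// On failure everything opened here is released before returning <c>null</c>.
    /// </remarks>
    public static SPList GetList(string url, string list)
    {
        SPWeb web = null;
        try
        {
            web = ReturnSPWeb(url);
            return web.Lists[list];
        }
        catch
        {
            // Exception Handling Goes Here
            // The failure is still reported as null (original contract), but the
            // web and site are released so a bad list name does not leak them.
            if (web != null)
            {
                SPSite site = web.Site;
                web.Dispose();
                site.Dispose();
            }
            return null;
        }
    }
    #endregion

    #region Groups And Roles
    /// <summary>
    /// Creates a site group, associates it with the web, and grants it a role definition.
    /// </summary>
    /// <param name="url">Absolute URL of the web to modify.</param>
    /// <param name="groupName">Name of the group to create.</param>
    /// <param name="groupDescription">Description stored with the group.</param>
    /// <param name="roleName">Name of an existing role definition to bind to the group.</param>
    public static void AddSharePointGroup(string url, string groupName, string groupDescription, string roleName)
    {
        using (var site = new SPSite(url))
        using (SPWeb web = site.OpenWeb())
        {
            // Resolve the role first so an unknown role name fails before the group exists.
            SPRoleDefinition role = web.RoleDefinitions[roleName];

            // Owner is the web's associated owner group; no default user is added.
            web.SiteGroups.Add(groupName, web.AssociatedOwnerGroup, null, groupDescription);
            SPGroup group = web.SiteGroups[groupName];
            web.AssociatedGroups.Add(group);
            web.Update();

            var assignment = new SPRoleAssignment(group);
            assignment.RoleDefinitionBindings.Add(role);

            // Without this the assignment object is built and then discarded,
            // leaving the new group with no permissions at all.
            web.RoleAssignments.Add(assignment);
        }
    }

    /// <summary>
    /// Copies the web's site groups into a new list.
    /// </summary>
    /// <param name="web">An open web; the caller keeps ownership of it.</param>
    /// <returns>A list holding every group in <c>web.SiteGroups</c>.</returns>
    public static List<SPGroup> GetAllSharePointGroups(SPWeb web)
    {
        var groups = new List<SPGroup>();
        foreach (SPGroup group in web.SiteGroups)
        {
            groups.Add(group);
        }
        return groups;
    }

    /// <summary>
    /// Copies the web's role definitions into a new list.
    /// </summary>
    /// <param name="web">An open web; the caller keeps ownership of it.</param>
    /// <returns>A list holding every definition in <c>web.RoleDefinitions</c>.</returns>
    public static List<SPRoleDefinition> GetAllRoleDefinitions(SPWeb web)
    {
        var definitions = new List<SPRoleDefinition>();
        foreach (SPRoleDefinition definition in web.RoleDefinitions)
        {
            definitions.Add(definition);
        }
        return definitions;
    }
    #endregion

    #region Anonymous Methods
    /// <summary>
    /// Sets the anonymous-access permission mask on a web, giving it unique
    /// role assignments first if it currently inherits.
    /// </summary>
    /// <param name="url">Absolute URL of the web to modify.</param>
    public static void SetAnonPermissionsOnSite(string url)
    {
        using (var site = new SPSite(url))
        using (SPWeb web = site.OpenWeb())
        {
            bool ura = web.HasUniqueRoleAssignments;
            if (!ura)
            {
                // true = copy the parent's assignments so existing access is kept.
                web.BreakRoleInheritance(true);
            }

            // SECURITY: FullMask is every base permission. Assigning it to the
            // anonymous mask offers unauthenticated visitors the same rights as a
            // site owner. Kept for backward compatibility; narrow it to the read
            // set actually required (for example Open | ViewPages | ViewListItems)
            // unless full anonymous control is genuinely intended.
            web.AnonymousPermMask64 = SPBasePermissions.FullMask;

            // NOTE(review): kept from the original; the purpose of this second
            // call on an object that already has unique assignments is unclear.
            // Also confirm whether the mask needs web.Update() to be persisted.
            web.BreakRoleInheritance(ura);
        }
    }

    /// <summary>
    /// Lets anonymous visitors view items in a list, giving the list unique
    /// role assignments first if it currently inherits.
    /// </summary>
    /// <param name="url">Absolute URL of the web that holds the list.</param>
    /// <param name="listName">Name used to index the web's list collection.</param>
    public static void SetAnonPermissionsOnList(string url, string listName)
    {
        using (var site = new SPSite(url))
        using (SPWeb web = site.OpenWeb())
        {
            // Indexing directly surfaces a missing list as the collection's own
            // exception instead of a null dereference further down.
            SPList list = web.Lists[listName];

            bool ura = list.HasUniqueRoleAssignments;
            if (!ura)
            {
                list.BreakRoleInheritance(true);
            }

            // View-only: anonymous visitors can read items but not change them.
            list.AnonymousPermMask64 = SPBasePermissions.ViewListItems;

            // NOTE(review): kept from the original; intent of the second call is
            // unclear, and no list.Update() follows the mask change - confirm.
            list.BreakRoleInheritance(ura);
        }
    }
    #endregion

    #region Inheritance Methods
    /// <summary>
    /// Stops a list inheriting permissions from its parent, copying the parent's
    /// current role assignments onto the list.
    /// </summary>
    /// <param name="url">Absolute URL of the web that holds the list.</param>
    /// <param name="listName">Name used to index the web's list collection.</param>
    public static void BreakListInheritance(string url, string listName)
    {
        using (var site = new SPSite(url))
        using (SPWeb web = site.OpenWeb())
        {
            SPList list = web.Lists[listName];
            list.BreakRoleInheritance(true);
            list.Update();
        }
    }

    /// <summary>
    /// Makes a list inherit permissions from its parent again. Any unique
    /// assignments on the list are replaced by the parent's.
    /// </summary>
    /// <param name="url">Absolute URL of the web that holds the list.</param>
    /// <param name="listName">Name used to index the web's list collection.</param>
    public static void ResetListInheritance(string url, string listName)
    {
        using (var site = new SPSite(url))
        using (SPWeb web = site.OpenWeb())
        {
            SPList list = web.Lists[listName];
            list.ResetRoleInheritance();
            list.Update();
        }
    }

    /// <summary>
    /// Stops a web inheriting permissions from its parent, copying the parent's
    /// current role assignments onto the web.
    /// </summary>
    /// <param name="url">Absolute URL of the web to modify.</param>
    public static void BreakSiteInheritance(string url)
    {
        using (var site = new SPSite(url))
        using (SPWeb web = site.OpenWeb())
        {
            web.BreakRoleInheritance(true);
            web.Update();
        }
    }

    /// <summary>
    /// Makes a web inherit permissions from its parent again. Any unique
    /// assignments on the web are replaced by the parent's.
    /// </summary>
    /// <param name="url">Absolute URL of the web to modify.</param>
    public static void ResetSiteInheritance(string url)
    {
        using (var site = new SPSite(url))
        using (SPWeb web = site.OpenWeb())
        {
            web.ResetRoleInheritance();
            web.Update();
        }
    }

    /// <summary>
    /// Reports whether a securable object has its own role assignments.
    /// </summary>
    /// <param name="testableObject">The web, list or item to inspect.</param>
    /// <returns>A fixed message for the unique case and another for the inheriting case.</returns>
    public static string CheckIfUniqueAssign(ISecurableObject testableObject)
    {
        return testableObject.HasUniqueRoleAssignments
            ? "This Object Is Unique From Parent!"
            : "This Object Inherits Permission From Parent!";
    }
    #endregion

    #region User Methods
    /// <summary>
    /// Adds a user to an existing site group.
    /// </summary>
    /// <param name="url">Absolute URL of the web that owns the group.</param>
    /// <param name="userName">Login name to resolve; the user is added to the web if not already known.</param>
    /// <param name="groupName">Name of an existing site group.</param>
    public static void AddUserToSharePointGroup(string url, string userName, string groupName)
    {
        using (var site = new SPSite(url))
        using (SPWeb web = site.OpenWeb())
        {
            SPUser user = web.EnsureUser(userName);
            SPGroup group = web.SiteGroups[groupName];
            group.AddUser(user.LoginName, user.Email, user.Name, user.Notes);
            group.Update();
        }
    }

    /// <summary>
    /// Grants a user a role definition directly on the web (not through a group).
    /// </summary>
    /// <param name="url">Absolute URL of the web to modify.</param>
    /// <param name="userName">Login name to resolve; the user is added to the web if not already known.</param>
    /// <param name="role">Name of an existing role definition.</param>
    public static void AddUserToSharePoint(string url, string userName, string role)
    {
        using (var site = new SPSite(url))
        using (SPWeb web = site.OpenWeb())
        {
            // AllowUnsafeUpdates lets the web be modified without SharePoint's
            // security validation of the request. Keep the window as small as
            // possible and always close it, even when a lookup below throws.
            web.AllowUnsafeUpdates = true;
            try
            {
                SPUser user = web.EnsureUser(userName);
                var roleAssignment = new SPRoleAssignment(user);
                roleAssignment.RoleDefinitionBindings.Add(web.RoleDefinitions[role]);
                web.RoleAssignments.Add(roleAssignment);
            }
            finally
            {
                web.AllowUnsafeUpdates = false;
            }
        }
    }
    #endregion
}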
}[/csharp]

Just throw your namespace at the top, and you should be ready to go!
